Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS402487.roa
File: AS402487.roa (raw, json)
Hash identifier: BmEYjCIiCDRGrhCGCuM/+Jfblj+oXbzPY/s++NN+sx0=
Subject key identifier: AA:F1:74:8F:50:3A:A0:F7:48:5F:3B:EE:E5:1B:3F:21:1C:66:9F:E3
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 25EE20DE5A8A6F385A3F16581AE6EF11BDAA41B9
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS402487.roa
Signing time: Tue 19 May 2026 07:20:45 +0000
ROA not before: Tue 19 May 2026 07:15:45 +0000
ROA not after: Tue 18 May 2027 07:20:45 +0000
asID: 402487
IP address blocks: 82.25.204.0/24 maxlen: 24
178.83.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 May 2026 05:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:ee:20:de:5a:8a:6f:38:5a:3f:16:58:1a:e6:ef:11:bd:aa:41:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: May 19 07:15:45 2026 GMT
Not After : May 18 07:20:45 2027 GMT
Subject: CN=AAF1748F503AA0F7485F3BEEE51B3F211C669FE3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:3c:7c:bc:66:b5:a8:93:d0:1d:00:ef:61:66:
1d:aa:0f:04:d3:24:1c:1f:f0:6e:4d:ec:89:57:c2:
a9:52:96:09:ff:30:b8:b2:21:e7:5c:49:01:b5:4a:
9e:8e:5f:22:ff:13:40:51:08:cf:4a:1b:13:d8:b1:
1c:cc:10:c1:04:e8:b8:fe:52:78:01:42:46:8b:84:
e2:db:2b:45:05:9b:af:c4:77:ba:ed:7a:c1:ae:ea:
97:cd:e6:ae:0d:b9:3b:63:32:ac:a4:4b:cc:a0:0d:
b7:30:1b:6f:d2:aa:e0:a4:90:68:b1:25:f5:d5:f6:
7c:cf:d9:97:e0:52:a1:53:99:cb:df:3a:f0:62:f1:
b6:d1:d4:6f:94:68:82:48:cd:7d:da:23:1c:25:48:
bc:96:fd:bb:03:88:f3:54:e5:b9:91:4e:9f:36:19:
e9:26:7b:bc:1c:14:76:89:8f:b1:a7:2d:c2:e9:70:
dc:16:eb:f3:eb:82:cc:aa:5f:30:db:5f:32:fc:42:
0b:84:0c:66:d0:52:f9:2c:8f:42:4f:1a:71:5c:25:
ba:24:44:a3:7f:47:2f:00:71:f0:8e:b9:89:44:4a:
20:0f:a6:a6:17:12:9d:52:49:3c:2d:0b:ba:b7:1d:
d9:39:a3:cf:35:60:c4:3e:fa:4f:9b:5c:93:fb:f4:
cd:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:F1:74:8F:50:3A:A0:F7:48:5F:3B:EE:E5:1B:3F:21:1C:66:9F:E3
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS402487.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.25.204.0/24
178.83.134.0/24
Signature Algorithm: sha256WithRSAEncryption
04:dc:3e:68:bd:95:d3:80:ce:01:49:32:06:45:6a:9f:ec:2d:
bf:b9:c9:62:66:1d:11:a6:4e:01:70:f1:e4:0f:d5:93:2b:dd:
7d:1b:3e:a5:90:70:e7:c1:c6:9a:5b:44:1f:d2:86:2f:b8:c7:
58:0a:be:1d:71:d1:d7:f9:f7:fc:60:a8:0f:7d:03:d4:13:d4:
9c:21:93:58:a0:45:a0:f7:a6:86:85:11:da:75:c1:c0:a4:b3:
d7:41:b2:64:0e:44:c0:62:7d:00:03:4d:8e:aa:83:75:25:02:
40:34:23:41:fd:95:bf:54:63:0b:ce:a2:bf:2b:67:41:4a:e4:
fa:16:f4:fc:21:3e:b6:aa:5f:95:25:7c:cf:09:09:39:67:6a:
c7:f6:29:da:b6:11:d6:4f:31:14:3b:9b:41:e6:62:02:e5:69:
3b:a9:92:47:5a:84:a7:98:a1:7f:af:80:e0:d6:0a:3c:e8:a8:
bc:7e:f3:35:d1:e6:d8:63:10:32:ae:5b:42:97:93:68:0c:39:
6e:88:2d:bb:a4:79:4a:43:e1:b3:77:67:8f:1c:eb:cf:22:08:
6d:05:c1:d2:5b:c2:83:20:90:e7:7d:29:86:17:08:85:2d:9d:
f2:ea:85:f2:e9:7f:38:c8:b3:00:3e:06:27:dd:3a:9d:38:2f:
d5:e8:47:4f
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUJe4g3lqKbzhaPxZYGubvEb2qQbkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA1MTkwNzE1NDVaFw0yNzA1MTgwNzIwNDVaMDMxMTAvBgNV
BAMTKEFBRjE3NDhGNTAzQUEwRjc0ODVGM0JFRUU1MUIzRjIxMUM2NjlGRTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoPHy8ZrWok9AdAO9hZh2qDwTT
JBwf8G5N7IlXwqlSlgn/MLiyIedcSQG1Sp6OXyL/E0BRCM9KGxPYsRzMEMEE6Lj+
UngBQkaLhOLbK0UFm6/Ed7rtesGu6pfN5q4NuTtjMqykS8ygDbcwG2/SquCkkGix
JfXV9nzP2ZfgUqFTmcvfOvBi8bbR1G+UaIJIzX3aIxwlSLyW/bsDiPNU5bmRTp82
Gekme7wcFHaJj7GnLcLpcNwW6/PrgsyqXzDbXzL8QguEDGbQUvksj0JPGnFcJbok
RKN/Ry8AcfCOuYlESiAPpqYXEp1SSTwtC7q3Hdk5o881YMQ++k+bXJP79M19AgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUqvF0j1A6oPdIXzvu5Rs/IRxmn+MwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNDAyNDg3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUhnM
AwQAslOGMA0GCSqGSIb3DQEBCwUAA4IBAQAE3D5ovZXTgM4BSTIGRWqf7C2/ucli
Zh0Rpk4BcPHkD9WTK919Gz6lkHDnwcaaW0Qf0oYvuMdYCr4dcdHX+ff8YKgPfQPU
E9ScIZNYoEWg96aGhRHadcHApLPXQbJkDkTAYn0AA02OqoN1JQJANCNB/ZW/VGML
zqK/K2dBSuT6FvT8IT62ql+VJXzPCQk5Z2rH9inathHWTzEUO5tB5mIC5Wk7qZJH
WoSnmKF/r4Dg1go86Ki8fvM10ebYYxAyrltCl5NoDDluiC27pHlKQ+Gzd2ePHOvP
IghtBcHSW8KDIJDnfSmGFwiFLZ3y6oXy6X84yLMAPgYn3TqdOC/V6EdP
-----END CERTIFICATE-----
Generated at Sun May 24 13:06:26 2026 by rpki-client